I’ve mentioned numerous times the need to be careful with warning notices (and other e-mails) with links to external sites. In general, attackers will try to either install malware on your system or steal your credentials.
A typical attack doing the rounds at the moment revolves around Googles legitimate warning “Government-backed attackers may be trying to steal your password”. Real example from Google below.
The dodgy e-mail doing the rounds is below. Note the address it was sent from:
A very convincing fake; it’s easy to see why so many people (even experienced administrators) have fallen victim to this. Clicking on the link takes you to another very convincing site:
Once you enter your details (which will be saved by the attacker) you will then either be forwarded to a real Google site, or you’ll receive an error message. Either way your credentials have been stolen and your account in jeopardy. Even worse, if you are the administrator of your company’s e-mail the entire e-mail domain is at risk!
These sorts of attacks are very difficult to avoid. All staff need to be trained to recognise these attack vectors. Ideally you should have MFA in place but even that can be circumvented. If you have 5 minutes this video from one of our training partners demonstrates one method that can be used to circumvent security even when MFA is in place.
Testing of staff followed by training is the ideal method to beat these attacks. Are you sure your staff wouldn’t click a link in an e-mail such as the one above?